OPENSSH WITHOUT OPENSSL

20 Oct 2014 by Curtis

OpenSSH supports being compiled without OpenSSL. OpenSSL is a lot of code, and I think that I'm pretty safe in saying more code more bugs, so if we remove a bunch of code from OpenSSH then we should have less bugs. In theory.

NOTE: This just covers compiling ssh without ssl. Configuring it after compiling and installing is not written up yet. Once I get that working I'll come back and update this post.

New curves and keys

OpenSSH has recently added some new elliptic curve ciphers and key formats. Some of this is Dr. Daniel Bernstein's work. See SUPERCOP, curve25519, etc, for more information.

ssh(1), sshd(8): Add support for key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange method is the default when both the client and server support it.

ssh(1), sshd(8): Add support for Ed25519 as a public key type. Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys.

make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm

Compiling without OpenSSL

I am using OpenBSD 5.5 (5.6 should be out soon), and OpenSSH 6.7. There are instructions here to compile ssh. The only change I'll be making is to set OPENSSL=no when make is run.

First we download all the source code. I'm downloading the src.tar.gz file to get the entire OpenBSD source. I don't think this step is actually necessary, but to follow the official instructions to compile OpenSSH it is, so I'm doing that.

Conclusion

While compiling without OpenSSL was straightfoward, I'm struggling with the configuration. Mostly I just need to get a better understanding of the cipher, exchange, and key formats that have recently been added. So apologies on that front--I'll keep digging into this. This is a good opportunity to get back into "ssh shape" so to speak.

Also, the OpenBSD project is working hard on LibreSSL which is a fork of OpenSSL, so eventually OpenSSH will use that. But for now it's kind of fun to try out OpenSSH without any ssl at all.

I think this could be useful in situations where you are using many OpenBSD servers and a configuration management system that uses ssh to connect, ala Ansible. Other configuration management systems typically rely on OpenSSL certificates, systems such as Chef and Puppet. So if there are OpenSSL vulnerabilities, which there are, then these systems can also have vulnerabilities. Given the recent heartbleed issue with OpenSSL, I think we all know that it's a large codebase that hasn't had the attention it needs. I think it will get that attention now, but it's going to take time to clean it all up. In the meantime, using ssh without ssl is an interesting option.